Add Request Not Ready error when presigned date request is not valid (#2646)

master
Anis Elleuch 8 years ago committed by Harshavardhana
parent 32201a18ab
commit 11785529fc
  1. 6
      cmd/api-errors.go
  2. 4
      cmd/signature-v4.go

@ -103,6 +103,7 @@ const (
ErrNegativeExpires ErrNegativeExpires
ErrAuthHeaderEmpty ErrAuthHeaderEmpty
ErrExpiredPresignRequest ErrExpiredPresignRequest
ErrRequestNotReadyYet
ErrUnsignedHeaders ErrUnsignedHeaders
ErrMissingDateHeader ErrMissingDateHeader
ErrInvalidQuerySignatureAlgo ErrInvalidQuerySignatureAlgo
@ -448,6 +449,11 @@ var errorCodeResponse = map[APIErrorCode]APIError{
Description: "Request has expired", Description: "Request has expired",
HTTPStatusCode: http.StatusForbidden, HTTPStatusCode: http.StatusForbidden,
}, },
ErrRequestNotReadyYet: {
Code: "AccessDenied",
Description: "Request is not valid yet",
HTTPStatusCode: http.StatusForbidden,
},
// FIXME: Actual XML error response also contains the header which missed in lsit of signed header parameters. // FIXME: Actual XML error response also contains the header which missed in lsit of signed header parameters.
ErrUnsignedHeaders: { ErrUnsignedHeaders: {
Code: "AccessDenied", Code: "AccessDenied",

@ -246,6 +246,10 @@ func doesPresignedSignatureMatch(hashedPayload string, r *http.Request, validate
query.Set("X-Amz-Algorithm", signV4Algorithm) query.Set("X-Amz-Algorithm", signV4Algorithm)
if pSignValues.Date.After(time.Now().UTC()) {
return ErrRequestNotReadyYet
}
if time.Now().UTC().Sub(pSignValues.Date) > time.Duration(pSignValues.Expires) { if time.Now().UTC().Sub(pSignValues.Date) > time.Duration(pSignValues.Expires) {
return ErrExpiredPresignRequest return ErrExpiredPresignRequest
} }

Loading…
Cancel
Save